International Cyber Security Awareness Month a.k.a. “Hacktober”

Welcome to International Cyber Security Awareness month, known as Hacktober.

It’s a lesser-known fact that small and medium business are being targeted more and more by cybercriminals and there is a valid reason for this; Hackers tend to focus on easy and vulnerable targets-it’s a random selection based on the Hackers search on the internet for vulnerable devices, easy access or it can be a case of less savvy staff being ‘socially engineered’ to allow hacker’s access to the business’s system.

There are a number of common vectors for cyber-attack including

• Insecure remote access, compromised or poor passwords, malicious websites, malicious advertising (or malvertising)
• Malicious insiders (accidental or intentional personnel and staff), physical access, Denial of Service (DoS), system misconfiguration and unchanged defaults
• Man-in-the-middle, vulnerable operating systems, vulnerable applications, vulnerable hardware
• Social engineering (phishing, spear phishing, whaling, smishing, vishing), trojans, viruses, worms, ransomware, session hijacking, cross-site request forgery…

and to put these in perspective, a 2 year old laptop with a popular windows operating system, even with anti-virus can be vulnerable and attractive to cyber criminals.

There are several steps to mitigate attacks from the vectors mentioned.  Have you implemented these? If you answer no to any of these, you could be exposed.

• Antivirus, Endpoint Detection and Response (or advanced antivirus), web filter, spam filter
• Secure remote access via a VPN, ad-blockers in your browsers
• Password managers, physically secure your servers, a robust backup solution,
• Perform patch updating on your operating systems and applications, multi-factor authentication
• Appropriate policies and training for all staff for cyber security, password best practices and social engineering identification.

You need to remember, attackers only get smarter and better, they never get worse-and they have sophisticated applications in their tool box. This means your cyber security posture may be effective today, but tomorrow it may not. Like all security scenario’s, you must identify, then minimise your risk.

For Hacktober, Loyal I.T. Solutions will be bringing you articles and insights to help you know more about Cyber Security and to assist you in reducing your risks.